PT-2000-1919 · Red Hat · Red Hat

Published

2000-12-11

Updated

2017-12-19

CVE-2000-1009

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Red Hat Linux version 6.2

Description The issue allows local users to obtain root privileges by modifying the RSH environmental variable to point to a Trojan horse program, as the dump utility in the affected system trusts the pathname specified by this variable.

Recommendations For Red Hat Linux version 6.2, update the system to prevent the dump utility from trusting the RSH environmental variable, or restrict access to the dump utility to prevent exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-1009

Affected Products

Red Hat

PT-2000-1919 · Red Hat · Red Hat

CVE-2000-1009

Related Identifiers

Affected Products

References · 6